Re: Re:Re: [users@httpd] how to block the duplicated requests?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

I would recommend that you write it into your java application. An application that does a "lottery" with each request should probably include rate-limiting itself. That way, if you ever make changes, all the logic of the application is in one place.

- Y

Sent from a gizmo with a very small keyboard and hyperactive autocorrect.

On May 19, 2015 11:22 AM, "javalishixml" <javalishixml@xxxxxxx> wrote:

Great thank you, Yehuda.

I see you speak "Though those modules exist, this might be best implemented in your application"
How can I understand it? I should write a c program for apache? or I should write some java web application at tomcat level?
Because this is a web site, it has to face concurrency issue. So I prefer to resolve this issue at httpd level.
Not sure if my thinking is good or not? 
Can you plz explain it more clear...

Looking forward to your nice feedback    :)

At 2015-05-19 22:01:45, "Yehuda Katz" <yehuda@xxxxxxxxxx> wrote:
There are a few modules that you might be able to modify to meet your needs - although these things are generally designed for DDoS protection.
Though those modules exist, this might be best implemented in your application.

Another way to do it would be with a log parsing tool like Fail2Ban.

- Y

On Tue, May 19, 2015 at 4:29 AM, javalishixml <javalishixml@xxxxxxx> wrote:
Hi,

I have a website. It is built by apache + tomcat.

Now we make a lottery activity at this website. But we find that some robots always raise the duplicated requests to hit this lottery activity. It causes that robots almost get all the awards.

So we just want to block these kind of duplicated requests at every interval unit.
For example, we set the interval unit is 3 seconds. The if the robot want to hit the lottery activity in 3 seconds, the website could block this action.

So how to do it? I suppose if we do it at tomcat level, is it a very low performance? Can I do it at apache level? how to do it?
If I could not do it apache level?

Thanks in advance,
Java Coder





[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux